spf-discuss
[Top] [All Lists]

RE: Re: Good Domain List one step closer to reality (actually two steps)

2004-08-17 16:46:14
On Mon, 16 Aug 2004, Guy Watkins wrote:

Also, if certificates are free, spammers and hackers can get one just as
easy as me.  So what good are they?  Good for testing, sure.

Verisign only vouches that the name and address on the cert are real and
that that entity applied for the certificate.

cacert.org does the same thing - only better.  To get a named cacert.org
cert you have to meet in person with at least 2 local "Assurers" (members
with high enough trust and experience points) who will assure that you
are the person on your drivers license or whatever.

It is easier to fool verisign - and several have done so already.

Either can be bribed.  But with cacert.org you have to get 2 experienced
assurers (or 5 novices) to agree to the bribe - and guess right the first time. 

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.


<Prev in Thread] Current Thread [Next in Thread>